Addition of the PDK content and example code for Documentation_content according to Feature bug 1607 and bug 1608
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-362FF929-EC18-5FE9-8FB0-DAFF5D559725" xml:lang="en"><title>File
Tokens Configuration</title><abstract><p>File tokens provides software emulation of key store and certificate
store tokens, using the APIs defined by the <xref href="GUID-A6FF1073-AA55-588D-8DC1-0A8C16864891.dita">CryptoToken
Framework</xref>. </p></abstract><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>The configuration files for file tokens are stored at <codeph>…\os\security\securityanddataprivacytools\securityconfig\filetokens</codeph> location.
It includes resource files (<filepath>FSTokenServer.rls</filepath> and <filepath>FSTokenServer.rss</filepath>)
that define the user interface (UI) strings. </p>
<p>Device creators can customize the UI strings in the resource file for UI
implementation. </p>
<section><title>Description</title><p><b>FSTokenServer.rls</b> </p> <p>The
default implementation of <filepath>FSTokenServer.rls</filepath> file looks
like this: </p> <codeblock id="GUID-BE3FBB12-0C83-5050-AC1F-311ADED92AEF" xml:space="preserve">rls_string STRING_r_import_passphrase "Passphrase of the imported key file"
rls_string STRING_r_export_passphrase "Passphrase of the exported key file"
rls_string STRING_r_ping_passphrase "Key store passphrase"
rls_string STRING_r_create_ping_passphrase "New key store passphrase"</codeblock> <p><b>FSTokenServer.rss</b> </p> <p>The
default implementation of <filepath>FSTokenServer.rss</filepath> file looks
like this: </p> <codeblock id="GUID-182D51A6-72B6-5794-B914-EAF6F589C784" xml:space="preserve">NAME FSTS
#include <uikon.rh>
#include "FSTokenServer.rls"
RESOURCE RSS_SIGNATURE { }
RESOURCE ARRAY r_fsserver_strings
{
items=
{
LBUF { txt=STRING_r_import_passphrase; },
LBUF { txt=STRING_r_export_passphrase; },
LBUF { txt=STRING_r_ping_passphrase; },
LBUF { txt=STRING_r_create_ping_passphrase; }
};
}</codeblock> <p>File tokens use the compiled version (<filepath>FSTokenServer.rsc)</filepath> of
the resource file at runtime to get the passphrase during the following tasks: </p> <ul>
<li id="GUID-879E2DAE-18DC-5CE4-B427-6496BBB92ECC"><p>Importing or exporting
of keys </p> </li>
<li id="GUID-768A3A2D-80F8-5CE2-AD57-359AAA068643"><p>Creation or manipulating
a key store </p> <p> <b>Note</b>: The key store maintains a database of key
pairs in an encrypted file in the server’s private data area. It uses the
password based encryption API provided by the <xref href="GUID-C00FBDE4-EF59-5FED-BA92-625414AF45AE.dita">Crypto
Libraries</xref> component. </p> </li>
</ul> <p>File tokens must be implemented using a client-server architecture,
to enforce platform security (and minimize the exposure of private keys to
client applications in case of the key store). </p></section>
</conbody><related-links>
<link href="GUID-8933D7D5-F84D-5BF2-BF2A-832DA183E26B.dita"><linktext>SecurityConfig</linktext>
</link>
<link href="GUID-A5DCCEB1-77DA-53C9-A1A3-07615DFCD403.dita"><linktext>File-Based
Certificate and Key Stores</linktext></link>
</related-links></concept>